The US and Japan are among countries to tighten data privacy laws since the European Union’s General Data Protection Regulation (GDPR) took effect in May last year.

“Regulators intended for the reach of the GDPR to extend far beyond the EU’s borders, with the rights granted under it following wherever an individual’s data may sprawl,” broker Marsh says in a report.

“However, the GDPR has also prompted many nations to introduce comprehensive data privacy rules of their own.

“Brazil, India, Japan, Thailand, the US and others have adopted laws with protections similar to those in the GDPR.

“The enactment of the GDPR marked a titanic shift for data privacy, signalling the start of more aggressive privacy oversight and enforcement in an era of rapidly advancing technology.”

EU regulators have brought more than 200,000 cases in 31 countries and issued fines of nearly €56 million ($90.8 million) in the first nine months of the regime. The fines included a €50 million ($81 million) penalty on one company that inadequately explained to customers how it collected personal data from new accounts.